What is Reddit's opinion of
WSUS Offline Update?
From 3.5 billion Reddit comments
➔ WSUS Offline Update website
By popularity on Reddit, this Service is:
66 reviews of this app found across Reddit:
(Site is in English too.)
I use this at work to update desktops and servers... once built... no Internet access is needed. It runs the update requirements check offline and installs patches that are stored in a local folder.
The tool will first have you build an updater... you tailor it to your needs and it builds itself (Internet access required). Then put the updater (under the client folder once built)... on a storage medium of your choosing.
I update this tool once a month after Patch Tuesdays. Be sure to grab the latest version of the tool each month.
I twirl open the menu... 100+ updates. Fuck My Life.
And THIS is why I've got these:
http://www.wsusoffline.net/ to generate offline update packages (also as ISO image)
ZALMAN VE-300 usb hard drive which emulates a usb cdrom to boot from ISO images stored on the hard drive
Try this handy tool: http://www.wsusoffline.net
I'm not working in tech support, but I use it everytime I reinstall a Windows system. Basically I use it to download all available updates to a USB stick, then install the updates before ever connection the computer to the network.
Just to add. Windows updates can take a long time. So a handy tool I use is WSUS Offline Update.
The utility basically downloads the catalog of Windows updates locally (initial sync takes a while) and allows you to update machines without having to re-downloading them on a new machine. Obviously a large USB hard drive is good for this.
You could try http://www.wsusoffline.net/ - You just need to be able to get the files on the Servers and run the updates. Note that you just get the current status - any new updates and you will have to do it all again.
The ninite installer is pretty much just a wrapper/front end to do the downloading/installers, it's not self contained with all the data it needs, so can't be used before connecting to the internet.
I'll add WSUS offline if someone wanted to get all the windows updates on another computer, and then apply them to a disconnected install.
WSUS offline is pretty handy
You have to check a box on initial run, but it will take a box from "new install" to "completely updated" while you faff about doing other things
I'm also currently looking for such a solution. I found WPKG to be looking quite nice and am currently testing it.
Apparently it can install anything with a little scripting. There's also a German project WSUS Offline Update which I used in the past and was quite nice. It's highly scriptable and resource efficient. It's also possible to integrate it in opsi, another German OSS server management tool which runs as a lightweight VM.
Where would you get the updates from? There are some offline tools I have used in the past for standalone systems that could not be connected to a network. WSUS Offline
/r/Zamboniman has the best answer, use the Recovery Partition already on the machine.
How you access that varies by manufacturer. It usually involves pressing a particular key combo at start up. You might have to do a little googling to get the info for theirs.
What this does is return the machine to the same condition it was in when new. That means all the same bloatware, and none of the Windows Updates that have been issued since then.
To remove bloatware PC Decrapifier is handy. Check off what you want to remove and it runs the uninstall for all of it.
Regarding the updates, WSUS Offline will automate downloading and installing the, probably, hundreds of updates.
Edit: Since they will probably end up re-infecting the machine no matter how much you caution them, once it's reinstalled, updated, all ready to go, take an image. Next time all you'll have to do is restore that image.
Because we're doing multiple things at once, we charge for the time it actually takes us to get the thing cleaned off. While the scan is running, I'm doing something else. But the time it takes to get the machine booted up, get Malwarebytes running, and then get whatever is on there removed and clean up the damage...that gets billed.
Once again, it's the time it takes to actually "do" something. I don't have to watch their data backup. Now, I will charge you a little more for that then just backing up a couple photos because it takes a lot longer and you definitely aren't getting your computer back in a day.
We backup drivers before the machine is wiped. If that is not possible, then it takes the time it takes. If the customer isn't able to provide drivers CDs for their laptop/desktop, then it's going to take extra time to figure it all out.
As for updates, we use: http://www.wsusoffline.net/. Updates take about 30 minutes to go from fresh install to fully updated.
maybe WSUS Offline Update could help?
from their "patch coverage information":
> The disadvantage of this implementation is that computers updated by WSUS Offline Update will hardly ever completely satisfy Microsoft's Online Update afterwards, but the patch coverage does completely satisfy Microsoft Baseline Security Analyzer, and you also may add any optional update of your choice to both download and installation parts using statical definitions.
In my workplace we experimented with WSUS Offline Updates (http://www.wsusoffline.net/) in branch offices when connectivity is poor.
We prepared a 16GB USB drive which is sent to the site in question.
There are several similar projects, this is just the one we played with.
There's a little preparation required however it might help you.
I just use WSUS Offline. You can download updates for Vista and up, Server 2008 and up and Office 2007 and up. With languages and x32 x64 versions. Oh and .net updates as well. It has saved me days of waiting for stand-alone machine.
Just for future reference, WSUS Offline is a godsend for Windows maintenance. Run the program (or the Linux script) to download all the updates you select to the client folder, copy that to a flash drive or something, then give it a few hours to run. Once it finishes, you've got a mostly patched operating system.
Use wsus offline when you have to fire up new windows installs. It only applies security updates and you'll only have to do 1 reboot. Also you can keep the downloaded files for later use.
There are two that I know of.
The core software of both apps is no longer updated, but both continue to function with no issues that I've seen.
Is it a fresh install of Windows 8.1? If I remember correctly with a fresh install you have to install all the updates up to the point where they became cumulative (which I think was 2017), which requires a lot of installing, rebooting, and installing some more. You could use WSUS offline updater to automate that.
​
Or does it say that an update is failing?
I use wsusoffline it's a program started by a German IT magazine. It downloads all the updates (you can choose to only download security and not the "feature" i.e telemetry) updates. It has a gui for download and for installing with auto recall (reboot and restart updating) and everything you need to update a fresh installed Windows 7.
There is also a trick to get the updates working from windows update first Google link that looked similar
Windows XP x64 is a rebranded Windows 2003 x64. Updates for 2003 x64 install just fine. You just have to do so manually. But worry not, there are already fanmade tools that allow simple and easy all-in-one installation within a few clicks. See this: http://www.wsusoffline.net/
Thanks for the advice, I already solved this using the WSUS Offline Update tool, but as I said, the standard John Doe Windows user is light years away to even notice that this problem is going on in her/his computer. (At least this happened to me and to some of my clientes in Windows 7, I don't know if there are other Windows versions affected by the Windows Update issue).
Yep that's the usual excuse but nearly everyone vendor locked like that should:
Buy terminal licenses instead of desktop, run the app on a server that has no internet access but obtains updates from a wsus server or offline update.
Run linux terminals that rdp to the windows terminal server.
Transfer desktop licensing budget to server licensing, total software outlay is about the same but long term management costs go down.
If it's done properly with beefy servers and cheap as possible thin linux clients this solution is cheaper, faster, and more secure.
We've been making use of WSUS Offline Update to patch VMs that don't get Windows Updates from WSUS (Citrix Provisioning Services images, new VMs, offline CA.)
I spent some time automating and now I have scheduled tasks that: - Download the latest updates. - Create one big 25 GB ISO file with all updates for all supported Microsoft Windows and Office versions. - Connect to vCenter and dismount the current WSUS Offline ISO from any VMs. - Upload the new WSUS ISO to the VMware datastore.
Time well spent.
So you followed this?
https://technet.microsoft.com/en-us/library/dd939844(WS.10).aspx
On your test clients, have you tried running the diagnostic tool for WSUS?
https://www.microsoft.com/en-us/download/details.aspx?id=30827
I never looked it up but I never considered using Home to connect to a WSUS server.
Have you looked into WSUS offline to see if it meets your needs?
Nice work. Yeah, it's easily been the best automation investment for us so far.
So if I read correctly, your end game is to deploy MDT at clients sites? That seems nightmarish to maintain, unless they are a 50+ seat client who could really use something onsite.
We're currently just running an MDT server centrally in our office. This makes adding to the domain pretty tricky, but for our bigger clients, we create an IPsec tunnel to their locations for this purpose.
Packaging client specific software is a biatch for sure. Don't forget you can simply call scripts with MDT though, so if there is pre-req's and things like that, you can handle the if/else. I actually call every single software install with a batch file, even if it's only 1 line, this allows me to quickly edit the install switches/exe's without touching MDT.
Also check out wsusoffline for bringing the image 100% up to date, I found it much better/faster than a WSUS server. http://www.wsusoffline.net/docs/
Ninite for 3rd party software install/update.
Driver injection should be done with the %model% variable.
Any questions let me know.
WSUS Offline updater on a usb-stick was a success.
I'm forced to use out-of-date windows images all the time and it could take me 1-2 full shifts just to get all the updates done; but don't forget that bandwidth you'd be using too, that someone else could be using at that moment.
Hmm. Well you could always download the updated databases manually and just do an offline clean, but that really depends on the product you're using to clean the machines as some software will be limited.
Another option you could do is maybe just a desktop firewall kind of solution and throw all the devices you work on behind that until you're pretty sure they are clean. In the firewall settings you would only whitelist outbound to certain IP addresses (that being the IP addy's whrere the updated databases lie.
As for stuff like Windows Updates I recently tried an offline updater that worked quite well http://www.wsusoffline.net/docs/
Sounds like you might be running the client application and not the Update Generator. You're looking for UpdateGenerator.exe. Take a look at the documentation if you need clarification.
Another vote for http://www.wsusoffline.net/. You could grab all updates periodically, put the generated ISO file on a shared drive, have the clients mount it and update from it. Or something along these lines.
Let us know how it goes
For the record it's much easier on linux machines
Ignore slipstreaming in this situation. Grab WSUSOffline. http://www.wsusoffline.net/ There are many YouTube videos on how it works, but it batch installs all Windows Updates, Service Packs, IE upgrades, etc all at once. It's amazing and saves me hours and hours.
Use RT Se7en Lite to slipstream updates into an install disc image. You should be able to manually grab the updates with something like WSUS Offline Update.
Your suggestion sounds very plausible. IE is heavily integrated into the system. Basically everything that goes to the internet from the OS is handled by IE in the background, or at least its APIs. Even using Windows Live Essentials causes IE cookie requests to pop up (if it is configured to do that), even if no actual web page is displayed.
Try this program to build a full update package to install on her computer. Chances are, it will fix the error, and maybe even prevent more. I think there is even a way to remove IE from Add/Remove Programs, so it can't be easily uninstalled. IT's sneaky, but probably a good idea considering her apparent attitude towards it.
The probably best way to update Windows is through Wsus Offline. You can choose "Security updates only" which skips bullshit like this. http://www.wsusoffline.net/
I don't see myself ever downgrading to windows 10.
We use the GPO above but set it as a LPO on the parent then use http://www.wsusoffline.net/ repository on a mapped network share to patch each parent. Using wsusoffline allows us to keep the blank update internet location policy
Use WSUS to get your machine up to date. Download 11.8 (or whatever the latest version is).
Follow the directions. Check the x64 box for Windows 7 (if that's what you're using).
Be patient - it takes a little while. Note that there are two steps to use it in the directions - the download part, and the installation part.
You can download the latest version of Windows 10 here:
https://www.microsoft.com/en-us/software-download/windows10
Put that on a USB drive and you can use that to install the latest version of Windows on the PC without needing an Internet connection.
The Windows installer won't give you the latest security patches though, but you can download them and put them on a USB drive for later offline installation using a tool called WSUS Offline Update:
http://www.wsusoffline.net
Try WSUS. Go to the Download tab and get 11.6.
Follow the directions. Check the x64 box for Windows 10.
Be patient - it takes a little while. Note that there are two steps to use it in the directions - the download part, and the installation part.
Run the System File Checker.
If you can't install .NET after that, try using WSUS Offline Update.
I've found in some we just have to get 10-15 updates at a time, it's a real pain in the arse.
There is a 3rd party WSUS that you can drop on computers outside of a domain. It has its own server and client applications so it may be able to do it simply by not being the built in agent.
Don't know exactly, but a few options:
- Probably the most distasteful for you... put Windows Server in a VM and run a WSUS replica
- I think WSUS Offline still requires a valid local Windows installation, more than just WINE... maybe not though, you may be able to get away with running that in WINE and then pushing the offline updater binary to the clients. But that has its own set of caveats on scope of coverage, etc.
- Use a squid proxy and some network configuration to locally cache Windows Update queries. If the Windows Update connection itself is encrypted, this may not work.
This is used to install the patches after you build the machine. http://www.wsusoffline.net/docs/ here is a short step by step to use it
Check the windows 7 box in the download updates section. This can be done on another machine. You will want to move it with a large flash drive if you do it on another machine. I don't remember it working well from the flash drive the last time I used it. The patches can take quite a while
You can find the repository and source here. Under this link you find a list with references and technical articles about the program. After you updated to the most recent updates you can use windows update normallly.
The problem that a fresh windows 7 install won't find updates is well know and there a lot of fixes around. I usually just use wsusoffline and keep the downloaded update catalog around to get faster up and running when I make new windows 7 installs.
When you say manually, are these just off network systems or on a separate network?
I never tried it personally but you can look into http://www.wsusoffline.net
I believe there are also third party enterprise solutions that can download updates for offline install.
i have also looked into script downloading of updates but i think that's violating MS policies if you script against their site without authorization.
MS used to release ISO files with all updates but they haven't done that since July2016
Yea there are a couple of ways. You can maintain a slipped image with the cumulative updates already in place. (Do some googling, there are a few ways to do this.)
Or you can just download the updates with a program like WSUS, http://www.wsusoffline.net/
Personally, I carry a slipped ISO of win7 and win8 in a few flavors. We arent running win 10 in my organization yet.
I recall recently reading that the automatic update settings GPO does still function in AU. Have you tried setting "Configure Automatic Updates" GPO to 2 or 3, setting "Allow Automatic Updates immediate installation" to disabled and "No auto-restart with logged on users for scheduled automatic updates installations" to disabled? You can set these locally by doing Win+R -> gpedit.msc -> Computer Configuration -> Policies -> Administrative Templates -> Windows Components -> Windows Update.
At work I use WSUS with auto install enabled but with no auto-restart for logged on users also enabled and haven't had a user complain about auto restarts yet - though I usually force a restart on all machines over the weekend if I approve any updates in WSUS earlier in the week.
You could also either disable the Windows Update service and use either Windows Update Minitool or WSUS Offline when you're ready to update, or I just found this script that resets the active hours counter.
Win7 has been terrible for updates for a long time now.
The best workaround I have found is to use WSUS Offline to manually download to a folder, and run the updates from there.
I have found this works much better than manually installing the few updates people have recommended (though this still makes a difference I have found) And you can watch it progress instead of watching the built in Windows update Checking for updates screen scroll indefinitely. It even can automatically reboot and continue by iteself, so you start it and just walk away to check it later.
When it completes you dont have to change anything, it will continue to check for updates online as it always would.
Try "driver pack solution" current version is 17.7.4 , the offline file is 11.2gig iso but it can be extracted directly to a usb key instead of burning to dvd.
WSUSoffline is great for getting the updates installed when windows seems to fail and it too can be run directly from a usb key. Do read the docs on how to use it...
I can pm a torrent link for the driver pack...
Edit, The software update part of DPS offers to install programs not on your computer. Be careful with this part of the program.
I needed to rebuild my SkyComputer because one of the programs installed on the SkyComputer was preventing me from connecting. I used WSUS Offline (http://www.wsusoffline.net/) to install windows updates. I rebooted and it came up pretty quickly. I wonder if antivirus programs such as Microsoft Security Essentials and Lavasoft Ad-aware Antivirus is causing long boot times.
Assuming you're really just looking for an updated ISO to install from -- you can take the stock ISO, mount it (the embedded install.wim image), and push updates into it, and reseal it for use in later installations.
It's actually quite easy to do, and somewhat easy to automate it on a schedule.
Start here for the process: https://blogs.technet.microsoft.com/configmgrdogs/2012/02/14/applying-windows-updates-to-a-base-wim-using-dism-and-powershell/
Here for the offline update files: http://www.wsusoffline.net/
Hm, worth giving it a shot. Just don't apply the updates manually after the wipe and let WU look for updates as normal. Never tried it but if it's working as it should be then it will find a similar hash between the expected file and the one already in its download directory and accept it as valid.
Just don't copy any other SoftwareDistribution subdir, say DataStore for instance. This could lead WU to believe some updates were already applied and wreck the update sequencing.
There is also a tool that might be of some use. It is called WSUS Offline Updater and allows the user to create an update package in order to update another computer, dort of pre-peer-to-peer upgrade. So you may be able to create an upgrade package from what's on your hard drive using this software prior to wiping it.
This is a very complex solution, I would look into downloading Windows updates to your host machines instead if you haven't already. Our team has successfully used WSUS Offline Updater.
You can try to install the updates via WSUS Offline a programm that first downloads all the Updates from microsoft and then installs them normally. This should at least get your system up to date and may fix your problem.
It also speeds up the process a bit, and it is really helpful for future reinstalls. You can find it here. Really helpful if you plan to set up a friends PC, just donwload at home and take a USB with you. ;)
> need to turn off Windows Updates in order to prevent an automatic upgrade to Windows 10.
the distribution of W10 is another question - yeah their solution is shitty - but you don't have to turn off Windows Updates. Even if you do, you could do updates with the WSUS Offline Updater for example.
You can do this to the flash drive, and then maybe something like http://www.wsusoffline.net/ so that you can patch it most of the way without having to download the (What was last estimated at over 1GB) of patches needed.
For those worried about security while using windows update, a tool I found a good while ago might be of interest to some its called WSUS Offline Update Basically you can grab updates and install them to a offline computer.Anybody here ever use this?
I did when I first found it and seemed to work just fine. Anyways I thought I would share.
Try WSUS Offline. I use it all the time and I have never had issues with 8.1 old patches still showing as needed after the roll-up patches are installed.
WSUS Offline is a patching tool that you "build"... it has the update checker and patch repository all in a folder. It can be run from CD/DVD or a flash drive.
If you need any help... just PM me.
You will need to run the tool multiple times on a new machine... after each reboot... until it says you no longer need any patches.
Predownload all updates via WSUS Offline and if you want a complete driver collection to update those: Snappy Driver Installer
If you find yourself regularly updating Windows Vista, 7, 8, 8.1, or Server 2003/2008/2008 R2/2012/2012 R2 machines, or Office 2007/2010/2013, you should take a look at WSUS Offline.
It downloads all the updates, and then packages them together and automates the installation of the updates. Whilst the initial download can take a while, and installing the updates also takes a while, it's still quicker than downloading the updates on each machine and the automated installation also makes it easier and quicker.
Try http://www.wsusoffline.net/, It will pre download all of the updates and make an exe that will install them all it will automatically reboot and login to continue the updates. Until it is fully up to date. I used this to install all updates on new installs of windows.
It's been a while, but I faintly remember a tool I used. An Offline updating of sorts that created an index of what you need, and download the files for you. I don't think it was this, but seems to be the same context: http://www.wsusoffline.net/docs/
I'm a week late on this, but especially if you're doing IT, WSUS Offline is an absolute godsend. Select the products you want to create installers for, let it download every patch (this might take some time, depending on which OSes you have selected), then copy the "client" folder to a flash drive or burn the ISOs in the "iso" folder to a DVD and all of a sudden the only think you have to do is run "UpdateInstaller.exe" and click Start to bring your machines up to spec.
I'm running it on two machines right now, and it's working fantastically.
This tool will download all updates for several versions of windows and office. Afterwards, you can place the files on a flash drive and install them on as many computers as you like, without having you to re-download them.
It's quite self-explanatory, hasn't failed me once and is generally awesome :)
Here are some of the ways I've approached it:
1.) The next time you run Windows Update on a freshly reinstalled machine,.. COPY/PASTE the Updates list into a blank Notepad window. Then go through 1x1 and download all the updates. Save it to a network folder and use something like QChain.exe to auto-install them all.
2.) You could build a custom Windows install CD that already includes all the updates. Do a Google search for "Slipstreaming"
3.) Just discovered this: http://www.wsusoffline.net/
4.) The proper answer is to use something like WSUS Server... unless of course you don't have the money/flexibility to do that.
Are you using Windows Update? If so, you might try manually updating to see if it will install and get past those updates. Try WSUS Offline... it builds a local update repository on your machine and updates offline... you can tailor it for just Windows 7. It's free.
However, the wallpaper thing makes if feel like a more serious issue. Did it start to do that before or after it had issues updating? Perhaps parts of the failed updates are still lingering. Maybe getting the service pack fully installed will help. I'd try the manual update... just to see if it would work.